How to remove XSS and protect your website

Cross-site scripting (XSS) is a security bug that can affect websites. If present in your website, this bug can allow an attacker to add their own malicious JavaScript code onto the HTML pages displayed to your users. It refers to client-side code injection attack wherein an attacker can execute malicious scripts  into a legitimate website or web application.

XSS  is one of the most dangerous and most often found vulnerabilities related to web applications. Security researchers have found this vulnerability in most of the popular websites,

so how to protect your website from XSS???

use this simple function to check input data in your php code

use it like that

remember “Never trust any input!”

that’s all, if you have any question about this subject or any other questions, feel free to ask me in comments or social media

2 Comments

    1. Marc
      On January 3, 2016 at 9:33 pm

      Hey Taoufiq, do you think I have this issue on my site?

      Reply
      1. 2fi98a
        On January 4, 2016 at 3:04 pm

        Hi Marc, no your website not have this issue, just don’t install untrusted plugins and keep doing update to latest version

        Reply

Leave a Comment